Vulnerabilities > Eset Software > Nod32 Antivirus > High

DATE CVE VULNERABILITY TITLE RISK
2006-04-08 CVE-2006-0951 Local Security vulnerability in Eset Software Nod32 Antivirus 2.5
The GUI (nod32.exe) in NOD32 2.5 runs with SYSTEM privileges when the scheduler runs a scheduled on-demand scan, which allows local users to execute arbitrary code during a scheduled scan via unspecified attack vectors.
local
low complexity
eset-software
7.2
7.2
2006-04-06 CVE-2006-1649 Local Arbitrary File Creation vulnerability in Eset Software NOD32 Antivirus
The "restore to" selection in the "quarantine a file" capability of ESET NOD32 before 2.51.26 allows a restore to any directory that permits read access by the invoking user, which allows local users to create new files despite write-access directory permissions.
local
low complexity
eset-software
7.2
7.2
2005-09-14 CVE-2005-2903 Remote Buffer Overflow vulnerability in Eset Software Nod32 Antivirus 2.5
Heap-based buffer overflow in NOD32 2.5 with nod32.002 1.033 build 1127, with active scanning enabled, allows remote attackers to execute arbitrary code via an ARJ archive containing a file with a long filename.
network
low complexity
eset-software
7.5
7.5
2005-02-09 CVE-2004-0937 Sophos Anti-Virus before 3.87.0, and Sophos Anti-Virus for Windows 95, 98, and Me before 3.88.0, allows remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on a target system. 7.5
7.5
2005-01-27 CVE-2004-0936 RAV antivirus allows remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on a target system. 7.5
7.5
2005-01-27 CVE-2004-0935 Eset Anti-Virus before 1.020 (16th September 2004) allows remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on a target system. 7.5
7.5
2005-01-27 CVE-2004-0934 Kaspersky 3.x to 4.x allows remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on a target system. 7.5
7.5
2005-01-27 CVE-2004-0933 Computer Associates (CA) InoculateIT 6.0, eTrust Antivirus r6.0 through r7.1, eTrust Antivirus for the Gateway r7.0 and r7.1, eTrust Secure Content Manager, eTrust Intrusion Detection, EZ-Armor 2.0 through 2.4, and EZ-Antivirus 6.1 through 6.3 allow remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on a target system. 7.5
7.5
2005-01-27 CVE-2004-0932 McAfee Anti-Virus Engine DATS drivers before 4398 released on Oct 13th 2004 and DATS Driver before 4397 October 6th 2004 allows remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on a target system. 7.5
7.5
2005-01-10 CVE-2004-1096 Archive::Zip Perl module before 1.14, when used by antivirus programs such as amavisd-new, allows remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on a target system. 7.5
7.5